DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Claims 1-20 are presented for examination.
Information Disclosure Statement
The information disclosure statement (IDS) submitted on 08/08/2024. The submission is in compliance with the provisions of 37 CFR 1.97. Accordingly, the information disclosure statement is being considered by the examiner.
Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.
Claims 1-20 are rejected under 35 U.S.C. 101 because the claimed invention is directed to an abstract idea without significantly more.
Regarding independent claims 1, 8, and 14, the claims recite verifying that a plurality of network nodes managing quantum keys within enclaves is secure by evaluating attestations for the enclaves generated by the plurality of network nodes, wherein the attestations indicate a security status for the enclaves; and obtaining one or more quantum keys through the plurality of network nodes. The limitations of verifying that a plurality of network nodes managing quantum keys within enclaves is secure by evaluating attestations for the enclaves generated by the plurality of network nodes, wherein the attestations indicate a security status for the enclaves; and obtaining one or more quantum keys through the plurality of network nodes, as drafted is a process that, under its broadest reasonable interpretation, covers concepts performed in the human mind. If a claim limitation, under its broadest reasonable interpretation, covers concepts performed in the human mind but for recitation of generic computer components, then it falls within the “Mental Processes” grouping of abstract ideas. Therefore, the claims recite an abstract idea.
This judicial exception is not integrated into a practical application. In particular, the claim only recites one additional element – using a processor to perform the verifying and obtaining steps. The processor in the steps is recited at a high-level of generality (i.e., as a generic processor performing a generic computer function of verifying that a plurality of network nodes managing quantum keys within enclaves is secure by evaluating attestations for the enclaves generated by the plurality of network nodes and obtaining one or more quantum keys through the plurality of network nodes) such that it amounts no more than mere instructions to apply the exception using a generic computer component. Accordingly, this additional element does not integrate the abstract idea into a practical application because it does not impose any meaningful limits on practicing the abstract idea. The claim is directed to an abstract idea.
The claim does not include additional elements that are sufficient to amount to significantly more than the judicial exception. As discussed above with respect to integration of the abstract idea into a practical application, the additional element of using a processor to perform the verifying and obtaining steps amounts to no more than mere instructions to apply the exception using a generic computer component. Mere instructions to apply an exception using a generic computer component cannot provide an inventive concept. Therefore, claims 1-20 are not patent eligible.
Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b) CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.
The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.
Claims 1-20 are ejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA 35 U.S.C. 112, the applicant), regards as the invention.
Regarding independent claim 1 recites the limitations "managing quantum keys" in line 2 and “obtaining one or more quantum keys” in line 5. It is unclear whether “quantum keys” in lines 2 and 5 are same nor not. Therefore, it renders the claim indefinite.
Regarding claim 7 recites the limitations "receiving an attestation" in line 2. It is unclear whether “an attestation” in lines 2 and “generate an attestation” in line 2 of claim 6 are same nor not. Therefore, it renders the claim indefinite.
Regarding independent claim 8 recites the limitations "managing quantum keys" in line 2 and “obtain one or more quantum keys” in line 8. It is unclear whether “quantum keys” in lines 2 and 8 are same nor not. Therefore, it renders the claim indefinite.
Regarding claim 13 recites the limitations "receiving an attestation" in line 3. It is unclear whether “an attestation” in line 3 and “generate an attestation” in line 2 are same nor not. Therefore, it renders the claim indefinite.
Regarding independent claim 14 recites the limitations "managing quantum keys" in lines 3 and “obtain one or more quantum keys” in line 6. It is unclear whether “quantum keys” in lines 2 and 6 are same nor not. Therefore, it renders the claim indefinite.
Regarding claim 20 recites the limitations "receiving an attestation" in line 3. It is unclear whether “an attestation” in line 3 and “generate an attestation” in line 2 of claim 19 are same nor not. Therefore, it renders the claim indefinite.
Claims 2-6, 9-12, and 15-19 are also rejected because of dependency.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claims 1-20 are rejected under 35 U.S.C. 103 as being unpatentable over Lowans et al (US Patent Application Publication No. 2013/0251145 A1) listed in IDS dated 08/08/2024 hereinafter Lowans in view of Vahldiek-Oberwagner et al. (US Patent Application Publication No. 2021/0111892 A1) hereinafter Vahldiek-Oberwagner.
Regarding independent claims 1, 8, and 14, Lowans discloses a method, medium, and apparatus (fig. 4, element 400) comprising:
a plurality of network nodes (fig. 1 and 4, N2, N3, KMC and KMC2) managing quantum keys (para 0087, respective quantum keys are agreed in series between the KMC which acts a control QKD device and every other node (intermediate QKD devices) in a path between the KMC and the end-point node) within enclaves (fig. 4, enclaves 302 and 304) (para 0097, the KMC is in a physically secure location in a trusted sub-network provided by a first enclave 302. The end node, N.sub.3 is in a separate physically secure location in a trusted sub-network provided by a provided by a second enclave 304 and para 0125, the second enclave 304 has a separate KMC, KMC.sub.2. In this example, KMC.sub.2 is a slave of KMC.sub.1 but in other examples it may be an independent and trusted by the end-users); and
a network interface (fig. 6, para 0036 and 0144, communication unit) coupled to one or more processors (fig. 6, units 604-610), wherein the one or more processors are configured to:
verify that the plurality of network nodes is secure by evaluating attestations for the enclaves generated by the plurality of network nodes (para 0091, In the authentication step, each of the nodes Node.sub.X, Node.sub.Y passes to the other a cryptographic hash using the authentication key of a message MYX it passed to the other node in the key agreement step, the cryptographic hash being generated by mean of an authentication key AY which is a `shared secret` between the two nodes Node.sub.X, Node.sub.Y. In FIG. 2 the cryptographic hashes are denoted [MXY].sub.AY and [MYX].sub.AY. Each node compares the hash it receives from the other node with a locally generated equivalent, thus confirming the identity of the other node, hence protecting against a so-called `man-in-the-middle attack`. The whole or part of the quantum key established between the nodes Node.sub.X, Node.sub.Y may be used to generate or update the authentication key AY shared by the two nodes); and
obtain one or more quantum keys through the plurality of network nodes (para 0093, The quantum key may be changed to improve security. A new quantum key may be used to update a shared authentication key. Similarly, KMC.sub.2 shares authentication keys I.sub.2-2, I.sub.2-4, I.sub.2-5, I.sub.2-8 and I.sub.2-9 with Node.sub.2, Node.sub.4, Node.sub.5, EndPoint.sub.6 and EndPoint.sub.8 and EndPoint.sub.9 respectively), but does not explicitly disclose, however, Vahldiek-Oberwagner discloses wherein the attestations indicate a security status for the enclaves (fig. 5, attestation table 510) (para 0051, The format 520 of the attestation table 510 includes an enclave identifier field and a status field. Each of the rows 530A-530C stores data for a single enclave. The enclave identifier is a unique identifier for the enclave. For example, when an enclave is created, the trusted domain module 240 may assign the next unused identifier to the created enclave. The status field indicates the status of the enclave, such as attested, unattested, or not owned by the attesting tenant.). Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of claimed invention to modify the teachings of Lowans to include the attestations indicate a security status for the enclaves as taught by Vahldiek-Oberwagner in order to provide scalable attestation for trusted execution environments (Vahldiek-Oberwagner, para 0016).
Regarding claims 2, 9, and 15, the combination of Lowans and Vahldiek-Oberwagner discloses the apparatus of claim 8, wherein the plurality of network nodes includes key management servers executing within the enclaves to manage the quantum keys (Lowans fig. 4, KMC and KMC2, para 0126).
Regarding claims 3, 10, and 16, the combination of Lowans and Vahldiek-Oberwagner discloses the apparatus of claim 8, wherein obtaining one or more quantum keys comprises: obtaining the one or more quantum keys using a quantum key distribution protocol (Lowans para 0092 and 0133, QKD protocols).
Regarding claims 4, 11, and 17, the combination of Lowans and Vahldiek-Oberwagner discloses the apparatus of claim 8, wherein the plurality of network nodes are configured to: establish a link between first and second nodes of the plurality of network nodes by sharing a quantum key between quantum nodes associated with the first and second nodes; and exchange corresponding attestations between the first and second nodes including data encrypted with the quantum key to indicate the link is secure (Lowans para 0127 and 0158).
Regarding claims 5, 12, and 18, the combination of Lowans and Vahldiek-Oberwagner discloses the apparatus of claim 11, wherein the quantum key is shared over a quantum link, and the corresponding attestations are exchanged over a classical communication link (Lowans para 0088 and 0095).
Regarding claims 6-7, 13, and 19-20, the combination of Lowans and Vahldiek-Oberwagner discloses the method of claim 1, wherein subsequent nodes within the plurality of network nodes generate an attestation including an encrypted attestation of a prior node and verifying comprises: receiving an attestation from a terminal node of the plurality of network nodes including attestations for enclaves of remaining network nodes; and evaluating the attestations from the terminal node for the enclaves of the plurality of network nodes to verify the plurality of network nodes (Lowans, para 0091 0092, and 0127).
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure (see PTO-892).
Any inquiry concerning this communication or earlier communications from the examiner should be directed to BAOTRAN N TO whose telephone number is (571)272-8156. The examiner can normally be reached M-F: 8-5.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Amir Mehrmanesh can be reached at 571-270-3351. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/BAOTRAN N TO/Primary Examiner, Art Unit 2435